tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From billbar...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSE14Support.java
Date Thu, 17 Apr 2003 08:11:47 GMT
billbarker    2003/04/17 01:11:46

  Modified:    util/java/org/apache/tomcat/util/net/jsse JSSE14Support.java
  Log:
  Re-adding logging for client-cert errors (but from warn->debug).
  
  The this and the previous patch can be combined by simply lowering the logging level on
Http11Processor.
  
  I'm strongly -1 on passing untrusted-certs through.  It is easy enough to add the CA to
the keystore, and it is a major security hole to except forged certs.
  
  Revision  Changes    Path
  1.4       +1 -0      jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSE14Support.java
  
  Index: JSSE14Support.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSE14Support.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- JSSE14Support.java	16 Apr 2003 19:23:34 -0000	1.3
  +++ JSSE14Support.java	17 Apr 2003 08:11:46 -0000	1.4
  @@ -150,6 +150,7 @@
           try {
   	    certs = session.getPeerCertificates();
           } catch( Throwable t ) {
  +            logger.debug("Error getting client certs",t);
               return null;
           }
           if( certs==null ) return null;
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message